March 2009 Sipera Overview. 2 © 2009 Sipera Systems, Inc. All Rights Reserved. About Sipera  Leader in real-time Unified Communications (UC) security.

Slides:

Advertisements

Similar presentations

October 10-13, 2006 San Diego Convention Center, San Diego California VoIP/SOA Integration Impact on IT Apps, Processes, & Overall Business.

Advertisements

The leader in session border control for trusted, first class interactive communications.

SIP Trunking A VASP Perspective Thomas Roel Convergence Sales Engineer

Addressing Security Issues IT Expo East Addressing Security Issues Unified Communications SIP Communications in a UC Environment.

1 © 2005 Cisco Systems, Inc. All rights reserved. CONFIDENTIAL AND PROPRIETARY INFORMATION Cisco Wireless Strategy Extending and Securing the Network Bill.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

© 2009 Avaya Inc. All rights reserved. Page 1 AT&T Mobile Extension with Avaya one-X Mobile.

1 Voice over Internet Protocol (VoIP) Security Affects on the IP Network Architecture Conference ICS – Wireless Group Meeting Tempe, Arizona.

Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.

Solutions for SIP The SIP enabler We enable SIP communication for business What the E-SBC can do for you.

CounterPath Corporation William Khris Kendrick: – Director of Business Development and Channel Marketing – –

Securing Unified Communications Mor Hezi VP Unified Communications AudioCodes.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

Enterprise Infrastructure Solutions for SIP Trunking

1 © 2001, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Easy VPN Solutions Applications and Implementation with Cisco IOS.

Joel Maloff Phone.com February, 2012.

© 2009 Avaya Inc. All rights reserved. Introduction to SIP Trunking Alan Klein Consulting Systems Engineer February 2009.

Improving Customer Satisfaction Through Advances in Remote Management Technology Greg Michel Product Manager Quintum Technologies Inc.

IT Expo SECURITY Scott Beer Director, Product Support Ingate

Common Misconceptions Alan D. Percy Director of Market Development The Truth of Enterprise SIP Security.

© Aastra Aastra BluStar for PC High-Quality Audio and HD Video from Your Desktop.

Module/Subject #/title here Copyright Objectworld Communications Corp. SIP Trunking Seminar Series In conjunction withSponsored by TMC San Diego, CA Oct.

Presence Applications in the Real World Patrick Ferriter VP of Product Marketing.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Introducing Routing and Switching in the Enterprise – Chapter 1 Networking.

The Voice Security Company Kirk Vaughan Product Director –VoIP SIP Application Security.

RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.

UC Security with Microsoft Office Communication Server R1/R2 FRHACK Sept 8, 2009 Abhijeet Hatekar Vulnerability Research Engineer.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Ingate & Dialogic Technical Presentation SIP Trunking Focused.

SIP? NAT? NOT! Traversing the Firewall for SIP Call Completion Steven Johnson President, Ingate Systems Inc.

Mobility And Anywhere Access Clancy Priest Technology Services Director City of Hayward.

PART 2: Product Line. Tenor Switches & Gateways Tenor AX Series Solution For Medium to Large Enterprises  Available in 8, 16, 24 and 48 port Available.

Unify and Simplify: Security Management

A New IMS-Like Architecture for Enterprise Applications Reid Stidolph Master Principle Solutions Architect Communications Global Business Unit October.

The Future of Unified Communications Jim Greenway VP, Marketing, U4EA UC Definition SMB a Large Opportunity –Market for UC in SMB –Examples Conclusion.

VoIP Security Best Practices Bogdan Materna CTO & VP Engineering VoIPshield Systems Session: U /02/2009.

© 2013 Avaya Inc. All rights reserved Avaya UC Collaboration Solution A complete solution for midsize companies Mobility Video SecurityNetworking.

Quintum Confidential and Proprietary 1 Quintum Technologies, Inc. Session Border Controller and VoIP Devices Behind Firewalls Tim Thornton, CTO.

Existing PBX Existing Phone Handsets Numbering Plan to digit Internal extensions 9 for an outside line 3 digits.

© 2006 Cisco Systems, Inc. All rights reserved. Optimizing Converged Cisco Networks (ONT) Module 6: Implement Wireless Scalability.

IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Exploring the Enterprise Network Infrastructure Introducing Routing and Switching.

David Wippich, CEO Ensim. What We’ll Talk About Today Crazy Market Dynamics Convergence of Convergence Unifying Unified Communications Benefits of Complexities.

Security Challenges in the Enterprise. January 23-25, 2008 Miami Beach Convention Center Miami, Florida USA 2 Panelists Franchesca Walker,

Identity Assurance Emory University Security Conference March 26, 2008.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

0 What Does SIP Bring to Your Customer Experience ? Extend VoIP and IP Contact Center values through support of SIP o Media and location independent support.

Asif Jinnah Field Desktop Services Enabling a Flexible Workforce, an insider’s view.

© 2011 AudioCodes Ltd. All rights reserved. AudioCodes Confidential Proprietary Avaya DevConnect Certified Enterprise Session Border Controllers April.

Living With Your New IP PBX David M. Laurenson, VP Information Technology and CIO A. Finkl & Sons A.Finkl & Sons founded in 1879 HQ in Chicago World’s.

Avtec Inc Virtualization - Securely Moving to the Cloud.

ShoreTel Virtualization February, © 2014 ShoreTel, Inc. All rights reserved worldwide. Unified Communications Deployment Model 1 Secure Reliable.

Delivering Reliability and Security in a VoIP Solution November 8, 2005 Michael Porter Avaya Inc. Government Marketing Director Today I’m going to talk.

IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It works.

Securing the Network Perimeter with ISA 2004

Things to Consider….. Before You Deploy UC

Check Point Connectra NGX R60

Enterprise Infrastructure Solutions for SIP Trunking

Contact Center Security Strategies

The Need for Enterprise Session Border Controller

Enabling the hybrid cloud with remote access appliances

Helping to Achieve ROI Targets with SIP Trunking

Security Considerations for the Enterprise

Ingate & Dialogic Technical Presentation

Microsoft Data Insights Summit

In the attack index…what number is your Company?

IT Management, Simplified

IT Management, Simplified

Presentation transcript:

March 2009 Sipera Overview

2 © 2009 Sipera Systems, Inc. All Rights Reserved. About Sipera  Leader in real-time Unified Communications (UC) security Confidently deploy UC over any network Award-winning UC-Sec appliances  VIPER Lab Proactive vulnerability research and assessments  Major Partners Avaya DevConnect Platinum Cisco Affiliate Microsoft Metro Technology Nortel Select Product RSA Secured Partner

3 © 2009 Sipera Systems, Inc. All Rights Reserved. Benefits of Unified Communications  UC benefits come from extending the UC network  New modes of collaboration Extended workforce Suppliers Partners Clients  Corporate policies Business continuity Privacy compliance, auditing Green initiatives  Cost reduction Converged infrastructure SIP trunks Clients Suppliers, Partners Enterprise Extended Workforce IP-PBX UC Assets Employees, Departments Remote Phones SIP Trunks Internal Phones

4 © 2009 Sipera Systems, Inc. All Rights Reserved. Enterprise Challenges of Extending UC  IP PBX & phone protection  Policy and compliance enforcement  Device and user authentication  Signaling and media privacy  Deployment Phone configuration and management Corporate firewall configuration Remote firewall traversal Clients Suppliers, Partners Extended Workforce IP-PBX UC Assets Employees, Departments Remote Phones SIP Trunks Internal PhonesSIP Trunks Rogue EmployeeSpammer Internet HackerInfected PC

5 © 2009 Sipera Systems, Inc. All Rights Reserved. Meeting the Challenges  Sipera UC-Sec security appliance Protect UC network Authenticate users Encrypt sessions Enforce business policies and monitor compliance Simplify deployment of remote users, soft phones, and SIP trunks  Sipera VIPER Lab Proactive vulnerability research Vulnerability assessments  Sipera Managed Services Enterprise Clients Suppliers, Partners Extended Workforce Employees, Departments Remote Phones SIP Trunks Internal PhonesSIP Trunks Rogue EmployeeSpammer Internet HackerInfected PC IP-PBX UC Assets

6 © 2009 Sipera Systems, Inc. All Rights Reserved. Sipera’s Value  Extended Workforce Flexibility: Teleworkers, Distributed call centers, Business continuity  Suppliers, Partners Collaboration: Supply chain automation, Channel management  Policy Enforcement Compliance: Logging, Privacy compliance records, Security policy enforcement, Auditing  Clients Interaction: Secure virtual storefronts, Multi-mode communication Enterprise Clients Suppliers, Partners Extended Workforce Employees, Departments Remote Phones SIP Trunks Internal PhonesSIP Trunks IP-PBX UC Assets Interaction CollaborationFlexibility Compliance

7 © 2009 Sipera Systems, Inc. All Rights Reserved. Examples  Fortune 100: VoIP calls, voic passwords intercepted Sipera solved problems  Bank: “Virtual bank” interface to customers Sipera detected and blocked critical attack  Fortune 100: VoIP calls intercepted and used by external parties Sipera investigated and found gaps  Higher Education: University needed to comply with privacy requirements, but keep open IT environment Targeted Sipera deployment secures privacy, enables open environment

8 © 2009 Sipera Systems, Inc. All Rights Reserved. Summary  Extending UC increases its value  Sipera UC-Sec enables teleworkers, SIP trunks, and enterprise VoIP  Extending UC leads to unique security issues different than data  Sipera UC-Sec secures UC networks  Sipera VIPER Lab delivers proactive vulnerability research and assessments

9 © 2009 Sipera Systems, Inc. All Rights Reserved. Backup

10 © 2009 Sipera Systems, Inc. All Rights Reserved. Sipera IPCS Appliances  Sized based on registered users and simultaneous sessions  Encryption affects sizing UC-Sec 200, 500 UC-Sec 1000, 2000 UC-Sec 3000, 5000 UC-Sec UC-Sec IPCS Appliance Target Market Branch / SMBSmall enterpriseEnterprise, Small Provider Enterprise, Provider Big enterprise, Provider Registered users 200 & 5001,000 & 2,0003,000 & 5,00010,00050,000 Simultaneous sessions 100 & & & 1,2502,00010,000 Signaling latency < 10 ms Media latency < 500 µs< 50 µs

11 © 2009 Sipera Systems, Inc. All Rights Reserved. VoIP Security is Different UC-SecFirewallIP-PBX …requires intimate knowledge of VoIP and call states IDS / IPS Layer 3 attack Layer 4 attack Layer 3 attack Layer 4 attack SBC OS attack Application attack OS attack Application attack SIP protocol fuzzing SIP denial of service SIP protocol fuzzing SIP denial of service SIP spoofing SIP ongoing fuzzing SIP stealth denial of service SIP distributed denial of service Media anomalies SIP spoofing SIP ongoing fuzzing SIP stealth denial of service SIP distributed denial of service Media anomalies

12 © 2009 Sipera Systems, Inc. All Rights Reserved. Technology Comparison Sipera UC-SecData FirewallSession Border Controller Floods / “fuzzing” protectionYesNoLimited – Rate limiting only Media anomaly protectionYesNo Spoofing preventionYesNo Stealth attack preventionYesNo Reconnaissance preventionYesNo Whitelist / blacklistYesNo – IP layer onlyYes Signaling firewallYesNo – Not for VoIPNo Media firewallYesNo – Not for VoIPYes Application controlYesNo – Not for VoIPNo Call routing policiesYesNoYes Message integrityYesNoLimited – Signaling only Privacy (encryption)YesNoLimited – Signaling only AuthenticationYesNoYes Replay protectionYesNoLimited – Signaling only Firewall / NAT traversalYesNo – Not for remote NATYes Secure firewall channelYesNo Call admission controlYesNoYes